The weblog Spammers vs Free Speech has a recent post titled “The new whack a mole” describing the problem of data centers and large hosting providers becoming vectors for spammers via outdated end-user software. It’s worth a read.
But a significant fraction of these spamming stations are low cost Web servers installed by the thousands in data centers like Everyone’s Internet (EV1) and Schlund. You don’t even have to corrupt their operating systems. They’re running years-old copies of PHP-Nuke and Joomla and phpBB and SquirrelMail. Web applications any fool can install by clicking a button on the retailer’s “control panel.” Unfortunately, the “control panel” doesn’t have a button for “bring my PHP-Nuke up to the current version.” And the guy who’s renting time on one of these boxes has no idea how to install a security patch, and doesn’t have the necessary access, and even if he did, the “control panel’s” version of the application is just different enough from the original that you can’t be sure a security patch for the original won’t break.